NSA blames 3,000 leaked privacy violations on ‘employee mistakes’

Nearly 3,000 violations of Americans’ privacy, mentioned in the National Security Agency’s internal audit recently leaked by former contractor Edward Snowden, weren’t “willful” and are results of mistakes by employees, the agency claimed.

The NSA's director of compliance, John DeLong, has held a
conference call with reporters Friday as the agency has made the
most direct effort to counter concern over its spying activities
since its classified documents began appearing in the press.
“NSA has a zero tolerance policy for willful misconduct,”
DeLong is cited as saying by the Wall Street Journal. “None of
the incidents that were in the document released were
willful.”

However, he admitted that there was “a couple” of willful
privacy violations during the past 10 years, but didn’t provide
any details of those incidents.

According to DeLong, the NSA had about a 0.0005 percent error
rate, with roughly 100 mistakes out of 20 million queries a
month.
“No one at NSA thinks a mistake is OK, but those kinds of reports
are designed and generated to make sure we understand when
mistakes occur," DeLong said.

The explanations followed the publication of Snowden-leaked NSA’s
internal audit report on privacy violations in The Washington
Post on Thursday.

That document analyzed the different types of violations of
policy or law for the year ended March 2012. The majority of the
2,776 breaches came from cases when the NSA continued monitoring
foreigners through their cellphone use after they already left
the United States.

The audit report said such violations were “largely
unpreventable,” attributing the wave of "roamer"
incidents to an increase in Chinese citizens visiting their
American friends for Chinese New Year celebrations.
The document also speaks of one episode of mishandling telephone
data as the NSA found out of more than 3,000 records being
retained past their five-year expiration date.

DeLong claimed that the call records were deleted right after
they were discovered, and that they hadn't been reviewed by the
agency’s analysts.

Another “significant incident,” mentioned in the audit,
occurred when an individual remained under surveillance even
after obtaining a US Green Card, without the NSA having an
individualized warrant to continue its spying activities on the
person.

Improper granting of access to a sensitive database was also
among the breaches documented in the internal audit.

The Washington Post reported a separate problem, when the NSA
said that it had collected data on a “large number” of
phone numbers in Washington DC because the system was incorrectly
set to the 202 area code instead of the 20 country code, which is
Egypt.

Another document the paper published revealed a serious
constitutional violation by the agency as it established a
collection program for 'Multiple Communications Transactions,'
which was deemed “deficient on statutory and constitutional
grounds” by the Foreign Intelligence Surveillance Court.

NSA's director of compliance said that he couldn't describe the
scope of that violation on the issue, but once again repeated
that it “wasn't willful.” The collection later resumed
under new court-approved procedures, he added.

Answering The Washington Post’s complaint that the audit hadn't
been made available to Congress, DeLong said the NSA provided
this type of data to lawmakers and agencies with oversight
responsibilities.

Despite this specific document being designed for internal use,
its results were incorporated into other reports provided to US
lawmakers, DeLong said.

The Senate Intelligence Committee, overseeing the surveillance
programs, said it “has never identified an instance in which
the NSA has intentionally abused its authority to conduct
surveillance for inappropriate purposes.”

But the some congressmen believe they aren’t getting enough
information on the NSA activities, demanding a public debate on
the surveillance programs.
“We have previously said that the violations of these laws and
rules were more serious than had been acknowledged, and we
believe Americans should know that this confirmation is just the
tip of a larger iceberg,” Democratic Senators Ron Wyden and
Mark Udall said in a joint statement.

In a White House statement Friday, deputy press spokesman Josh
Earnest insisted that the violations didn't reflect intentional
law-breaking by the NSA, and that the detailed report showed that
the agency was pro-actively monitoring its own work.

“The documents demonstrate that the NSA is monitoring,
detecting, addressing and reporting compliance incidents. We have
been keeping the Congress appropriately informed of compliance
issues as they arise,” he said.

US President Barack Obama also fended off attacks on the
surveillance programs conducted by the NSA during a press
conference earlier this month.
“What you’re not reading about is the government actually abusing
these programs and listening on people’s phone calls or
inappropriately reading peoples’ emails,” Obama said.
“What you’re hearing about is the prospect that these could be
abused. The part of the reason they aren’t abused is because
these checks are in place. And those abuses would be against the
law.”

But leaked audit report is bringing the US president’s claims
into doubt that Americans' privacy rights were safeguarded and
violations by the NSA were only a possibility.